Private data sharing system

US 9,015,281 B2
Filed: 10/11/2011
Issued: 04/21/2015
Est. Priority Date: 10/08/2010
Status: Active Grant

First Claim

Patent Images

1. A method by a data sharing system (DSS) server, which is operably connected to a data distribution network (DDN) that includes a first client of a first user, a second client of a second user and a third client of a third user, of facilitating the private sharing of data between the first, second and third client, the method comprising:

receiving, by the DSS server, via the DDN a data packet obfuscated with a first key (first ODP) from the first client;

transmitting via the DDN the first ODP, or a copy thereof, to the second client;

transmitting via the DDN the first ODP, or a copy thereof, to the third client;

receiving, by the DSS server, via the DDN a data packet obfuscated with a second key (second ODP) from the second client;

transmitting via the DDN the second ODP, or a copy thereof, to the first client;

transmitting via the DDN the second ODP, or a copy thereof, to the third client;

receiving, by the DSS server, via the DDN a data packet obfuscated with a third key (third ODP) from the third client;

transmitting via the DDN the third ODP, or a copy thereof, to the first client;

transmitting via the DDN the third ODP, or a copy thereof, to the second client;

the DSS server lacking the “

value, method and/or program or portion of a program”

(VMP) needed to de-obfuscate the first ODP;

the DSS server lacking the VMP needed to de-obfuscate the second ODP;

the DSS server lacking the VMP needed to de-obfuscate the third ODP;

storing the first ODP or a copy thereof;

storing the second ODP or a copy thereof; and

storing the third ODP or a copy thereof.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A novel architecture for a data sharing system (DSS) is disclosed and seeks to ensure the privacy and security of users'"'"' personal information. In this type of network, a user'"'"'s personally identifiable information is stored and transmitted in an encrypted form, with few exceptions. The only key with which that encrypted data can be decrypted, and thus viewed, remains in the sole possession of the user and the user'"'"'s friends/contacts within the system. This arrangement ensures that a user'"'"'s personally identifiable information cannot be examined by anyone other than the user or his friends/contacts. This arrangement also makes it more difficult for the web site or service hosting the DSS to exploit its users'"'"' personally identifiable information. Such a system facilitates the encryption, storage, exchange and decryption of personal, confidential and/or proprietary data.

Citations

35 Claims

1. A method by a data sharing system (DSS) server, which is operably connected to a data distribution network (DDN) that includes a first client of a first user, a second client of a second user and a third client of a third user, of facilitating the private sharing of data between the first, second and third client, the method comprising:
- receiving, by the DSS server, via the DDN a data packet obfuscated with a first key (first ODP) from the first client;
  
  transmitting via the DDN the first ODP, or a copy thereof, to the second client;
  
  transmitting via the DDN the first ODP, or a copy thereof, to the third client;
  
  receiving, by the DSS server, via the DDN a data packet obfuscated with a second key (second ODP) from the second client;
  
  transmitting via the DDN the second ODP, or a copy thereof, to the first client;
  
  transmitting via the DDN the second ODP, or a copy thereof, to the third client;
  
  receiving, by the DSS server, via the DDN a data packet obfuscated with a third key (third ODP) from the third client;
  
  transmitting via the DDN the third ODP, or a copy thereof, to the first client;
  
  transmitting via the DDN the third ODP, or a copy thereof, to the second client;
  
  the DSS server lacking the “
  
  value, method and/or program or portion of a program”
  
  (VMP) needed to de-obfuscate the first ODP;
  
  the DSS server lacking the VMP needed to de-obfuscate the second ODP;
  
  the DSS server lacking the VMP needed to de-obfuscate the third ODP;
  
  storing the first ODP or a copy thereof;
  
  storing the second ODP or a copy thereof; and
  
  storing the third ODP or a copy thereof.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1 wherein the server transmits the first ODP to the second and third clients as a result of a distribution list attached to, or incorporated within, the first ODP, which specifies the second and third users as intended recipients of the first ODP.
  - 3. The method of claim 2 wherein the server transmits the second ODP to the first and third clients as a result of a distribution list attached to, or incorporated within, the second ODP, which specifies the first and third users as intended recipients of the second ODP.
  - 4. The method of claim 3 wherein the server transmits the third ODP to the first and second clients as a result of a distribution list attached to, or incorporated within, the third ODP, which specifies the first and second users as intended recipients of the third ODP.
  - 5. The method of claim 1 wherein the first ODP is an encrypted data packet.
  - 6. The method of claim 5 wherein the second ODP is an encrypted data packet.
  - 7. The method of claim 6 wherein the third ODP is an encrypted data packet.
  - 8. The method of claim 1 further comprising storing a copy of the first ODP.
  - 9. The method of claim 8 further comprising storing a copy of the second ODP.
  - 10. The method of claim 9 further comprising storing a copy of the third ODP.
  - 11. The method of claim 1 wherein the first ODP contains at least data created, uploaded and/or modified by the first user.
  - 12. The method of claim 11 wherein the second ODP contains at least data created, uploaded and/or modified by the second user.
  - 13. The method of claim 12 wherein the third ODP contains at least data created, uploaded and/or modified by the third user.
  - 14. The method of claim 1 wherein the first ODP contains a decryption VMP of the first user.
  - 15. The method of claim 14 wherein the second ODP contains a decryption VMP of the second user.
  - 16. The method of claim 15 wherein the third ODP contains a decryption VMP of the third user.

17. A data sharing system (DSS) client architecture, comprising:
- a computing device having operatively thereon a DSS client which is initialized by a first user with at least “
  
  a data obfuscation value and/or program or portion of a program”
  
  (DOVP);
  
  the first user'"'"'s DSS client, using a DOVP of the first user, is configured to obfuscate a data file of the first user and to transmit the obfuscated data file (ODF) over a data distribution network for receipt by at least second and third DSS clients, of second and third users, respectively;
  
  the second DSS client is initialized with at least a DOVP of, and by, the second user;
  
  the second client, using a DOVP of the second user, is configured to obfuscate a data file of the second user and to transmit the ODF over a data distribution network for receipt by at least the first and third DSS clients, of the first and third users, respectively;
  
  the third DSS client is initialized with at least a DOVP of, and by, the third user;
  
  the third client, using a DOVP of the third user, is configured to obfuscate a data file of the third user and to transmit the ODF over a data distribution network for receipt by at least the first and second DSS clients, of the first and second users, respectively;
  
  the DOVP of the first user is not the same as the DOVP of the second user;
  
  the DOVP of the first user is not the same as the DOVP of the third user;
  
  the DOVP of the second user is not the same as the DOVP of the third user;
  
  the second DSS client is configured to de-obfuscate the ODF of the first user using “
  
  a data de-obfuscation value and/or program or portion of a program”
  
  (DDVP) which the first user provided to the second user via a server;
  
  the third DSS client is configured to de-obfuscate the ODF of the first user using a DDVP which the first user provided to the third user via a server;
  
  the first DSS client is configured to de-obfuscate the ODF of the second user using a DDVP which the second user provided to the first user via a server;
  
  the third DSS client is configured to de-obfuscate the ODF of the second user using a DDVP which the second user provided to the third user via a server;
  
  the first DSS client is configured to de-obfuscate the ODF of the third user using a DDVP which the third user provided to the first user via a server; and
  
  the second DSS client is configured to de-obfuscate the ODF of the third user using a DDVP which the third user provided to the second user via a server.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 18. The architecture of claim 17 wherein the DOVD of the first user is an alphanumeric character string suitable for use as a symmetric-key-encryption cryptographic key.
  - 19. The architecture of claim 18 wherein the DOVD of the second user is an alphanumeric character string suitable for use as a symmetric-key-encryption cryptographic key.
  - 20. The architecture of claim 19 wherein the DOVD of the third user is an alphanumeric character string suitable for use as a symmetric-key-encryption cryptographic key.
  - 21. The architecture of claim 17 wherein transmissions between the first, second and third DSS clients are via a DSS server.
  - 22. The architecture of claim 17 wherein the ODF of the first user is stored in a DSS server of the data distribution network.
  - 23. The architecture of claim 22 wherein the ODF of the second user is stored in a DSS server of the data distribution network.
  - 24. The architecture of claim 23 wherein the ODF of the third user is stored in a DSS server of the data distribution network.
  - 25. The architecture of claim 17 wherein the DDVP is provided by exchanging the DDVP through a DDS server when the version of DDVP sent to, received by, and forwarded by, the DDS server was obfuscated using a DOVP for which the complementary DDVP was neither in the possession of nor accessible by the DSS server.
  - 26. The architecture of claim 17 wherein the DDVP used by the second DSS client to de-obfuscate the ODF received from the first user is stored in a data object within the second DSS client.
  - 27. The architecture of claim 26 wherein the data object is a key locker.
  - 28. The architecture of claim 27 wherein the key locker is configured to have been retrieved from a DSS server.
  - 29. The architecture of claim 28 wherein the key locker which the second DSS client received from the DSS server was obfuscated using a DOVP whose complementary DDVP was neither in the possession of nor accessible by the DSS server.
  - 30. The architecture of claim 29 wherein the DDVP used by the third DSS client to de-obfuscate the ODF received from the first user is configured to have been previously stored in a key locker within the third DSS client.
  - 31. The architecture of claim 30 wherein the key locker used by the third DSS client is configured to have been retrieved from a DSS server.
  - 32. The architecture of claim 31 wherein the key locker which the third DSS client received from the DSS server was obfuscated using a DOVP whose complementary DDVP was neither in the possession of nor accessible by the DSS server.
  - 33. The architecture of claim 32 wherein the DDVP used by the first DSS client to de-obfuscate the ODF received from the second user is configured to have been previously stored in a key locker within the first DSS client.
  - 34. The architecture of claim 33 wherein the key locker used by the first DSS client was retrieved from a DSS server.
  - 35. The architecture of claim 34 wherein the key locker which the first DSS client received from the DSS server was obfuscated using a DOVP whose complementary DDVP was neither in the possession of nor accessible by the DSS server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Brian Lee Moffat
Original Assignee
Brian Lee Moffat
Inventors
Moffat, Brian Lee
Primary Examiner(s)
NGUYEN, THU HA T

Application Number

US13/878,345
Publication Number

US 20130318347A1
Time in Patent Office

1,288 Days
Field of Search

713/168, 709/218, 709/228, 380/277
US Class Current

709/218
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 50/01   Social networking

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/60   Digital content management,...

H04L 51/066   Format adaptation, e.g. for...

H04L 51/212   using filtering or selectiv...

H04L 51/52   for supporting social netwo...

H04L 63/0421   Anonymous communication, i....

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 63/065   for group communications cr...

H04L 63/08   for authentication of entit...

H04L 67/303   Terminal profiles

H04L 67/306   User profiles

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0891   Revocation or update of sec...

H04L 9/0894   Escrow, recovery or storing...

Private data sharing system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Private data sharing system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links